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To  Plan  Well  We  Need  To  "Reasonably  Anticipate” 
Adversary  Adaptation  and  Its  Potential  Effects 

•  “The  goal  of  this  session  is  to  think  intelligently  &  systematically 
about  how  adversaries  adapt  to  our  investments  in  infrastructure 
protection ,  and  how  we  can  plan  security  accordingly :  ” 

•  Thinking  intelligently  about  adaptation  requires: 

-  Characterizing  the  range  of  options  available  to  adversaries 

-  Understanding  the  factors  that  shape  the  choices  that  they  make  and 
their  ability  to  change  effectively 

*  Linking  that  understanding  to  security  planning  requires: 

-  Analyzing  the  effect  of  different  types  of  adaptation  on  security 
effectiveness 

-  Understanding  how  “adaptation  externalities”  groups  face  affect  the 
risk  they  pose  more  broadly 

*  Both  these  topics  have  implications  for  what  data  is  needed  for 
assessing  the  overall  effectiveness  (effects?)  of  security  efforts 
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Briefing  Outline 


•  “The  goal  of  this  session  is  to  think  intelligently  &  systematically 
about  how  adversaries  adapt  to  our  investments  in  infrastructure 
protection ,  and  how  we  can  plan  security  accordingly 

•  What  we  know  about  adversary  adaptation  to  security  measures 

-  Characterizing  the  range  of  options  available  to  adversaries 

-  Understanding  the  factors  that  shape  the  choices  that  they  make  and 
their  ability  to  change  effectively 

*  Building  a  comprehensive  picture  of  adaptation  effects  on  risk 

-  Analyzing  the  effect  of  different  types  of  adaptation  on  security 
effectiveness 

-  Understanding  how  “adaptation  externalities”  groups  face  affect  the 
risk  they  pose  more  broadly 

*  Concluding  observations  on  analysis  and  data  collection  needs 
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What  Do  We  Know  About  Adversary  Adaptation 
In  Response  To  Security  Investments? 

•  Adversaries  -  terrorist, 
criminal,  and  other  groups  - 
often  change  their  behavior 
in  response  to  security 
measures 

-  Not  all  adaptation  that 
affects  security  performance 
is  caused  by  the  security 
measures  themselves 

-  But  many  of  the  more 
troubling  ones  are  - 
particularly  from  the 
perspective  of  security 
planners 
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Adversaries  Have  A  Wide  Variety  of 
Adaptation  Options  Available  To  Them 

Modifying  their  operational  designs  to  avoid  detection 
technologies  and  other  countermeasures 


Weapons  in 
Shoes 


Weapons  in 
Cargo 


^  of  the  Loom 


fruit  of  the  loom 


Weapons  in 
Underwear 


Weapons  in 
Carry-On 
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Adversaries  Have  A  Wide  Variety  of 
Adaptation  Options  Available  To  Them 


Modifying  the  weapons  technologies  they  use  to 
circumvent  defensive  efforts 
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Constructing 
improvised  mortar 
systems  to: 

•  throw  larger  shells 
over  security 
perimeters 

•  allow  timed  or 
remote  operation  to 
escape  preventive 
patrol  operations 
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Adversaries  Have  A  Wide  Variety  of 
Adaptation  Options  Available  To  Them 


Increasing  the  complexity  of  their  operations  to  include 
direct  attack  on  defensive  measures 


O 

An  initial 
suicide 
vehicle 
bomb 
strikes  the 
perimeter 
wall  around 
the  target. 


G 

With  the 
perimeter 
broken,  a 
second 
enters 
through  the 
breach  to 
strike. 
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Description  from  Washington  Post,  Oct  25,  2005. 


Multi-Suicide  Vehicle  Bomb 
Attack  on  Palestine  Hotel 
Baghdad,  Iraq 
October  24,  2005 


o  ooo 

Attack  included  a  third  vehicle 
that  detonated  prematurely 


Moving  From  Anecdotes  To  a  Taxonomy  Of 

Attacker  Adaptation  Options 

In  response  to  a  defensive  challenge,  a  group  could: 


Change  itself 

-  Reorganize 

-  Adjust  internal 
processes 

Change  its  activities 

-  Alter  what  it  is  doing 

-  How  it  is  doing  it 

-  Where  it  is  doing  it 

-  Etc. 


An  ongoing  RAND  study  is 
examining  different  ways  of 
categorizing  attackers 
adaptation  paths 


...  where  "resources 
could  be  people, 
materiel,  information 
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Note:  Diagram  focused  on  attack  behavior,  but  could  be  generalized.  8 


When  Considering  Their  Behavior,  We  Cannot  Forget 
Adversary  Groups  Are  Human  Organizations... 

9  Though  adversaries’  full  set  of  adaptation  options  is  a  useful 
starting  point... 

-  ...  It  is  unrealistic  to  assume  they  will  choose  and  implement  the 
“optimal”  path  out  of  that  option  set 

9  As  human  organizations,  adversaries  must  deal  with: 

-  Imperfect  information 

-  Organizational  idiosyncrasies  and  preferences 

-  Human  dysfunctions  in  decision  making 

-  Limits  on  the  ability  to  successfully  implement  their  chosen  course  of 
action 

9  As  a  result,  a  specific  adversary  may  not  even  consider  all  options, 
may  base  its  choice  among  them  on  “wrong”  information,  and  may 
not  be  able  to  pull  off  what  it  decides  to  do 

Anticipating  adversary  behavior  requires  understanding 
RAN  D  h°w  they  actually  act,  not  how  they  ideally  might  behave 


Anticipating  How  A  Specific  Group  Will  Adapt 
Requires  Digging  Into  Its  Decision  Process... 

•  Group’s  choices  are  shaped  by  internal  and  external  factors 

*  Choices  are  generally  a  sort  of  cost-risk-benefit  comparison, 
though  may  be  a  very  imperfect  one 

-  Different  adaptation  options  have  different  costs,  risks,  etc. 
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Alignment 
with  external 
influences 

*  State  sponsors 

*  Cooperating  groups 

*  Movements  and 
networks,,. 


^  Group  ' 
risk 

tolerance 


Dot 


Weakness 
of  defenses 


Resources 

available 

■  Money 
•Technology 
*  People 

■  Time 


Meed  of 
group  to  act 
■  For  cohesion 
*  Eias-to-action.. 


Effectiveness  vs.  counter- 
terrormsm  measures 


Action-specific 
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Sufficiency  of 
information 


Situational 
awareness  / 

Technical 

knowledge 


Threshold 
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From  K.  Cragin  and  P. Davis,  Eds.,  Social  Science  for 
Counterterrorism:  Putting  the  Pieces  Together,  Santa 
Monica,  CA:  RAND  Corp.,  2009. 


r  Counterterrorism 
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Anticipating  How  A  Specific  Group  Will  Adapt 
Requires  Digging  Into  Its  Decision  Process... 

•  Group’s  choices  are  shaped  by  internal  and  external  factors 

*  Choices  are  generally  a  sort  of  cost-risk-benefit  comparison, 
though  may  be  a  very  imperfect  one 

-  Different  adaptation  options  have  different  costs,  risks,  etc. 


How  a  group  weighs  different  factors  will 
determine  if,  for  example,  a  new  detection 
technology  is  viewed  as  a  threat  it  should  hide 
from,  a  target  it  should  attack,  or  an  opportunity 
to  manipulate  defense  behavior  by  creating  false 

alarms... 
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From  K.  Cragin  and  P. Davis,  Eds.,  Social  Science  for 
Counterterrorism:  Putting  the  Pieces  Together,  Santa 
Monica,  CA:  RAND  Corp.,  2009. 
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...And  Anticipating  Whether  Or  Not  It  Will 
Succeed  Requires  Understanding  Its  Capabilities 


*  A  group  without  the  ability  to  adapt 
may  gain  nothing  from  attempting 
to  do  so 

-  New  more  damaging  explosive 
device...  that  doesn’t  go  off. 

*  Social  science  has  identified  a 
variety  of  factors  that  affect  groups’ 
capability  to  adapt 

*  Even  if  it  is  successful  in 
responding  to  a  defensive  measure, 
is  the  change  “local”  or  “global:” 

-  Just  the  innovator  knows? 

-  Part  of  the  group  can  do  it? 

-  The  entire  group  has  the  capability? 


Factors  shaping  innovative 
&  adaptive  capability  include: 

•  Leadership  and  structure 

•  Group  culture 

•  Communications  modes 
(internal  and  external) 

•  Absorptive  capacity  for  new 
knowledge  or  technology 

•  Group  environment 

•  Stability  of  membership 

•  Resources  available 

•  Attitude  toward  risk 


RAND 
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Briefing  Outline 


*  What  we  know  about  adversary  adaptation  to  security 
measures 

-  Characterizing  the  range  of  options  available  to  adversaries 

-  Understanding  the  factors  that  shape  the  choices  that  they 
make  and  their  ability  to  change  effectively 

*  Building  a  comprehensive  picture  of  adaptation  effects  on  risk 

-  Analyzing  the  effect  of  different  types  of  adaptation  on  security 
effectiveness 

-  Understanding  how  “adaptation  externalities”  groups  face  affect 
the  risk  they  pose  more  broadly 

*  Concluding  observations  on  analysis  and  data  collection 
needs 
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We  Often  Think  About  Adaptation  Effects  On 
Security  From  A  Very  Local  Perspective 


A  new  detection 
technology  is 
installed  to 
protect  a 
transportation 
infrastructure 


“50%  chance  of 
detecting  attack” 


Benefit  from 
Reduced 
Probability  of 
Attack  Success 


Risk  reduction 
from  lower 


vulnerability 


Attacker  adopts  OPSEC  counter 
measures  to  avoid  detection 


“5%  chance  of 
detecting  attack” 


The  value  of  the 
measure  has  been 
decimated  by  the 
attacker...  Right? 


*  Tendency  is  to  think  about  effects  of  adaptation  in  a  binary  way 

-  “Adaptation  X  makes  security  measure  Y  ineffective” 


•  An  adaptation’s  effect  on  security  functionality  does  not  necessarily 
equal  its  effect  on  risk...  even  at  the  target  protected  by  the  measure 

-  In  the  example  above,  what  if  the  OPSEC  effort  tripled  the  resources  required  to 
stage  an  attack? 

-  Adaptation  means  vulnerability  is  only  cut  1/10  what  was  expected,  but  (holding 
attack  resources  constant)  threat  is  cut  by  2/3...  so  the  defense  is  still  ahead. 
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Different  Adaptation  Paths  Have  Varied  Effects 
On  Risk. . .  And  Value  Depends  On  Perspective 


If  attackers  pick  a  new  attack  mode  in  response  to  protections 
at  a  target,  risk  could  go  up  or  down: 

*  More  damaging  mode  ->  ARisk  +  at  protected  target 

•  Less  damaging  mode  ->  ARisk  -  at  protected  target  (though 
attack  frequency  might  remain  constant) 


RAND 
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Different  Adaptation  Paths  Have  Varied  Effects 
On  Risk. . .  And  Value  Depends  On  Perspective 


If  attackers  “answer”  to  a  defensive  investment  is  a  more 
complex  attack  design,  risk  will  decrease...  though  the  link  to 
the  security  measure  may  not  be  obvious: 

*  More  complex  attack  design  ->  Greater  chance  of  attack  failure 
when  attempted  ->  ARisk  -  at  protected  target 


Different  Adaptation  Paths  Have  Varied  Effects 
On  Risk...  And  Value  Depends  On  Perspective 


Attackers  deciding  to  “take  their  business  elsewhere”  -  change 
their  target  or  operational  area  -  may  be  a  win,  loss,  or  draw 
depending  on  perspective  of  analyst  assessing  it: 

*  Effect  is  a  ARisk  -  at  the  protected  target,  but... 

*  ...  if  a  comparable  target  is  attacked  elsewhere,  then  “globally”  the 
change  is  zero  at  best 


1.  Picka  New 
Attack  Mode 


2. Add 

Resources \  >  1 

Attack  Plan 


3.  Remove 
Resources 
from  Attack 
Plan 


4.  Modify 
Characteristics 
of  Resources 
Used 


_ K 

Achieving 
Objectives 
at  a  Target 

Attack 

Rt  Sources  focused  on  ) 

y *  K 

(Peo  e,  Tech,  etc.)  ^ 

Effect  of  Security 
Measure  Create^a 
“Risk  Externality” 
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...But  “Adaptation  Externalities”  On  The  Adversary 
Side  Also  Shape  Net  Risk  Effects  Of  Security 


A  new  detection 
technology  is 
installed  to 
protect  a 
transportation 
infrastructure 


Benefit  from 
Reduced 
Probability  oK 
Attack  Success 


Attacker  adopts  OPSEC  counter 
measures  to  avoid  detection 


Benefit  from 
Reduced 
Probability  ofx 
Attack  Success 


*  Returning  to  the  simple  example  where  an  attacker  devoted  3x  baseline 
resources  to  hide  from  a  new  detection  measure... 


•  Where  are  those  resources  coming  from? 

-  Earlier  slide  assumed  resources  devoted  to  the  target  were  constant 

•  Therefore,  attack  rate  dropped  by  2/3 

-  Does  the  group  pull  resources  from  elsewhere  to  make  up  for  the  loss? 

•  If  so,  attack  rate  may  not  fall  as  much...  and  risk  effect  will  depend  on  what 
activities  are  cut 

-  Does  the  group  try  to  raise  new  resources  to  make  up  the  shortfall? 

•  If  so,  the  risks  the  group  must  accept  to  do  so  could  be  a  key  outcome 
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Risk  Effect  of  Security  Measures  Given  Adversary 
Adaptation  Is  Therefore  a  Sum  Of  Sums 


Change 
in  Risk 


l 

I 
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Risk  changes 
associated  with 
successful 
adversary 
adaptations 


“Local”  risk 
changes  as  a 
result  of 
adaptation  - 
the  “binary 
comparison” 


Any  effects  of 
“risk  externalities” 
-  good  or  bad  - 
resulting  from 
adaptation 
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Any  effects  of 
“adaptation 
externalities”  on 
the  adversary 
(e.g.,  resources 
pulled  from  other 
tasks) 
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The  broadly  understood  It  is  less  common  to 

effect  of  simple  risk  include  the  effects  of 

displacement  falls  here  these  other  components 


Even  Qualitative  Analysis  of  Adaptation  Stimulated 
By  Different  Security  Measures  Could  Aid  Planning 


•  For  a  specific  measure: 

-  Which  adaptation  pathways  are  relevant  to  the  measure,  and 
what  types  of  risk  effects  will  they  produce? 

•  For  a  particular  adversary  of  interest: 

-  Are  there  detectable  preferences  for  which  adaptation  paths 
are  considered,  and  how  different  options  are  weighed? 

•  For  a  specific  measure  plus  an  adversary  of  interest: 

-  Are  the  “net  sums”  of  the  effects  from  the  measure, 
adaptation  to  the  measure,  the  risk  externalities,  and  the 
adaptation  externalities  on  the  adversary  likely  to  be  large  or 
small? 

Even  approximate  or  qualitative  answers  to  these  types  of 
questions  could  be  applicable  to  some  portfolio  analyses  or 
rand  “adaptation  sensitivity”  analyses  security  options 


Briefing  Outline 


*  What  we  know  about  adversary  adaptation  to  security 
measures 

-  Characterizing  the  range  of  options  available  to  adversaries 

-  Understanding  the  factors  that  shape  the  choices  that  they 
make  and  their  ability  to  change  effectively 

*  Building  a  comprehensive  picture  of  adaptation  effects  on  risk 

-  Analyzing  the  effect  of  different  types  of  adaptation  on  security 
effectiveness 

-  Understanding  how  “adaptation  externalities”  groups  face  affect 
the  risk  they  pose  more  broadly 

*  Concluding  observations  on  analysis  and  data  collection 
needs 
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Anticipating,  Adaptation  Effect  Requires 
Linking  The  First  Part  Of  Briefing  To  The  Second 


9  Anticipating  attacker  behavior  requires  drawing  on  what  we 
know  about  group  behavior  and  psychology 

-  Is  new  detector  viewed  as  a  threat  or  an  opportunity?  Or  neither? 

-  If  a  threat,  is  the  path  chosen  “offensive”  or  “defensive?” 

9  Analysts  also  must  be  sensitive  to  the  realistic  decision 
making  environment  in  adversary  groups 

-  We  cannot  assume  away  their  severe  information  challenges  and 
idiosyncratic  behaviors 

-  It  is  highly  unlikely  that  a  group  will  have  the  information  and 
capability  needed  to  respond  “optimally”  to  a  defense 

9  We  also  must  figure  out  how  to  at  least  make  estimates  of  the 
risk  effects  of  the  various  types  of  externalities 

-  Easier  ->  location  or  target  risk  displacement 

-  Harder  ->  effect  on  group’s  other  activities,  etc. 
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But...  There  are  Significant  Data  Issues 
Associated  With  What  Needs  To  Be  Done 


Foundational  work  on  adversary  adaptation  to  defensive 
measures  has  been  done  using  open  source  data 

-  Ex:  Sandler  et  al.  work  on  displacement  among  target  types 

-  RAND  case  studies  of  group  adaptation  behavior  and  learning 


A  new  weapon  type  or  a  targeting  shift  are  very  “visible” 
adaptations  for  observers  outside  an  adversary  group 

-  But  they  are  only  part  of  the  picture 


Other  adaptation 
types  (and  changes 
not  directly  related  to 
attack  operations)  are 
nearly  invisible  in  the 
data  sources  used  for 
most  such  analyses 
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Important  Data  Needed  To  Anticipate  Behavior 
Are  Also  Internal  To  Adversary  Groups 

*  Characterizing  adversary  decision  making  requires 
visibility  (or  at  least  some  insight)  into  their  internal 
deliberations  and  preferences 

•  This  can  be  done  in  some  cases  through  detailed  cases 
studies  where  information  is  available  in  the  open  source 

•  We  are  experimenting  with  doing  this  using  public  discourse 
from  a  group  (jihadi  internet  discussions) 

•  However,  collected  intelligence  would  be  a  more  direct  - 
and  likely  more  representative  -  source 

*  Assessing  -  or  even  sometimes  identifying  -  some  of  the 
important  externalities  similarly  depends  on  data  internal 
to  groups 

*  Analysis  requires  ways  of  either  estimating  these  effects 
or  marrying  open  with  closed  source  data 
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